From 0b3a331265070ddef99ea020d97ffe1bfddc9243 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Thu, 9 Apr 2020 19:10:55 +0200 Subject: [PATCH] Revert wc_OBJ_sn2nid --- tests/api.c | 13 ----------- wolfcrypt/src/asn.c | 54 +++++++++++++++++++++++++++++++-------------- wolfcrypt/src/ecc.c | 8 +++++++ 3 files changed, 45 insertions(+), 30 deletions(-) diff --git a/tests/api.c b/tests/api.c index b01debd2c..d6db7045e 100644 --- a/tests/api.c +++ b/tests/api.c @@ -28022,19 +28022,6 @@ static void test_wolfSSL_OBJ_sn(void) printf(testingFmt, "wolfSSL_OBJ_sn"); AssertIntEQ(wolfSSL_OBJ_sn2nid(NULL), NID_undef); - - #ifdef HAVE_ECC - { - int nCurves = 27; - EC_builtin_curve r[nCurves]; - EC_get_builtin_curves(r,nCurves); - - for (i = 0; i < nCurves; i++) { - AssertIntEQ(wolfSSL_OBJ_sn2nid(r[i].comment), r[i].nid); - AssertStrEQ(wolfSSL_OBJ_nid2sn(r[i].nid), r[i].comment); - } - } - #endif for (i = 0; i < maxIdx; i++) { AssertIntEQ(wolfSSL_OBJ_sn2nid(sn_wolf_set[i]), nid_set[i]); AssertStrEQ(wolfSSL_OBJ_nid2sn(nid_set[i]), sn_open_set[i]); diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index ca0791096..c4e60043f 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -5436,25 +5436,45 @@ WOLFSSL_API int EccEnumToNID(int n) #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) int wc_OBJ_sn2nid(const char *sn) { - const WOLFSSL_ObjectInfo *obj_info = wolfssl_object_info; - size_t i, snlen; - WOLFSSL_ENTER("wolfSSL_OBJ_ln2nid"); - if (sn && (snlen = XSTRLEN(sn)) > 0) { - /* Accept input like "/CN=" */ - if (sn[0] == '/') { - sn++; - snlen--; - } - if (sn[snlen-1] == '=') { - snlen--; - } - for (i = 0; i < wolfssl_object_info_sz; i++, obj_info++) { - if (snlen == XSTRLEN(obj_info->sName) && - XSTRNCMP(sn, obj_info->sName, snlen) == 0) { - return obj_info->nid; - } + const struct { + const char *sn; + int nid; + } sn2nid[] = { + {WOLFSSL_COMMON_NAME, NID_commonName}, + {WOLFSSL_COUNTRY_NAME, NID_countryName}, + {WOLFSSL_LOCALITY_NAME, NID_localityName}, + {WOLFSSL_STATE_NAME, NID_stateOrProvinceName}, + {WOLFSSL_ORG_NAME, NID_organizationName}, + {WOLFSSL_ORGUNIT_NAME, NID_organizationalUnitName}, + {WOLFSSL_EMAIL_ADDR, NID_emailAddress}, + {NULL, -1}}; + + int i; + #ifdef HAVE_ECC + int eccEnum; + #endif + WOLFSSL_ENTER("OBJ_sn2nid"); + for(i=0; sn2nid[i].sn != NULL; i++) { + if(XSTRNCMP(sn, sn2nid[i].sn, XSTRLEN(sn2nid[i].sn)) == 0) { + return sn2nid[i].nid; } } + #ifdef HAVE_ECC + /* Nginx uses this OpenSSL string. */ + if (XSTRNCMP(sn, "prime256v1", 10) == 0) + sn = "SECP256R1"; + if (XSTRNCMP(sn, "secp384r1", 10) == 0) + sn = "SECP384R1"; + /* find based on name and return NID */ + for (i = 0; ecc_sets[i].size != 0 && ecc_sets[i].name != NULL; i++) { + if (XSTRNCMP(sn, ecc_sets[i].name, ECC_MAXNAME) == 0) { + eccEnum = ecc_sets[i].id; + /* Convert enum value in ecc_curve_id to OpenSSL NID */ + return EccEnumToNID(eccEnum); + } + } + #endif + return NID_undef; } #endif diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 6b9957dc7..80e428dad 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -6296,6 +6296,10 @@ int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx, int keysize; byte pointType; +#ifndef HAVE_COMP_KEY + (void)shortKeySize; +#endif + if (in == NULL || point == NULL || (curve_idx < 0) || (wc_ecc_is_valid_idx(curve_idx) == 0)) return ECC_BAD_ARG_E; @@ -6340,7 +6344,11 @@ int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx, /* calculate key size based on inLen / 2 if uncompressed or shortKeySize * is true */ +#ifdef HAVE_COMP_KEY keysize = compressed && !shortKeySize ? inLen : inLen>>1; +#else + keysize = inLen>>1; +#endif /* read data */ if (err == MP_OKAY)